Core Security Patterns: Best Practices and Strategies for J2EE, Web Services, and Identity Management

Index


RA (risk analysis)

Radio Frequency Identification (RFID)

RAM

     for Secure Session Object pattern

     in smart cards

Random number generation

Rationale in security design

RBAC profiles

RC6 algorithm

Reactive security

Readers

     RFID

     smart card 2nd

Reality checks 2nd

     Business tier

     Client Device tier

     for administration

     for policies

     for quality of services

     in security pattern templates

         Assertion Builder

         Audit Interceptor

         Authentication Enforcer

         Authorization Enforcer

         Container Managed Security

         Credential Tokenizer

         Dynamic Service Management

         Intercepting Validator

         Intercepting Web Agent

         Message Inspector

         Message Interceptor Gateway

         Obfuscated Transfer Object

         Password Synchronizer

         Policy Delegate

         Secure Base Action

         Secure Logger

         Secure Message Router

         Secure Pipe

         Secure Service Facade

         Secure Service Proxy

         Secure Session Object

         Single Sign-on Delegator

     Integration tier

     Presentation tier

     Web tier

Realms

     for smart cards

     J2EE 2nd

     JAAS

Reconciliation in user account provisioning

Recovery 2nd

     in case study

     in use cases

     in XKMS

     key

     service

Redirection, web

Redundancy in Policy Delegate pattern

Refactoring security design

Reference templates for biometrics

registerObject method

Registration

     identity

     UDDI

Registries

     Dynamic Service Management pattern

     UDDI

     Web services

     XACML

RegistryMonitor class

Regulatory policies

Reissue service, key

REL (Rights Expression Language)

Related patterns in security pattern templates 2nd

     Assertion Builder

     Audit Interceptor

     Authentication Enforcer

     Authorization Enforcer

     Container Managed Security

     Credential Tokenizer

     Dynamic Service Management

     Intercepting Validator

     Intercepting Web Agent

     Message Inspector

     Message Interceptor Gateway

     Obfuscated Transfer Object

     Password Synchronizer

     Policy Delegate

     Secure Base Action

     Secure Logger

     Secure Message Router

     Secure Pipe

     Secure Service Facade

     Secure Service Proxy

     Secure Session Object

     Single Sign-on Delegator

Relationships in Liberty Alliance

Reliability

     Assertion Builder pattern

     Secure Message Router pattern

reloadMBeans method

Remote interface and services

     Secure Service Facade pattern

     Single Sign-on Delegator pattern

removeAssertionReply method

removeAssertionStatement method

removeCompRef method

removeSessionInfo method

removeSSOTokenMap method

Replay attacks

     Intercepting Web Agent pattern

     SAML

     Web services

     XKMS

Reporting practices

     Gramm-Leach-Bliley Act

     Sarbanes-Oxley Act

Reporting services in identity management

Repository

     for biometric information

     SAML

     XACML

Request messages

     Message Inspector pattern 2nd

     Secure Message Router pattern

Request-reply model

     SAML

         attribute assertion

         authentication assertions

     SPML

RequestContext class

     Authentication Enforcer pattern

     Authorization Enforcer pattern

     JAAS Login Module Strategy

Requesters for Web services

Requesting Authority

RequestMessage class

Requests, XACML

Required flag

Requirements

     in use cases

     Secure UP 2nd

     security basics

Requisite flag

Resource principals

Resource profiles

Resources tier

respond method

Response APDUs

Response Message

     Message Inspector pattern

     Message Interceptor Gateway pattern

Retinal analysis

Reusability

     in security patterns

         Authorization Enforcer

         Message Inspector

         Message Interceptor Gateway

         Secure Base Action

         Secure Message Router

     Java components

     password

Reverse engineering Java code

Revocation issues and services

     LDAP

     Single Sign-on Delegator pattern

     X-KRSS

Revoked smart cards

RFID (Radio Frequency Identification)

Rich-client authentication

Rights Expression Language (REL)

Rijndael algorithm

RIPEMD-160 encryption algorithms

Risk analysis (RA)

Risk Analyzer

Risks

     in case study 2nd

     in patterns-driven security design

     in security patterns

         Assertion Builder

         Audit Interceptor

         Authentication Enforcer

         Authorization Enforcer

         Container Managed Security

         Credential Tokenizer

         Dynamic Service Management

         Intercepting Validator

         Intercepting Web Agent

         Message Inspector

         Message Interceptor Gateway

         Obfuscated Transfer Object

         Password Synchronizer

         Policy Delegate

         Secure Base Action

         Secure Logger

         Secure Message Router

         Secure Pipe

         Secure Service Facade

         Secure Service Proxy

         Secure Session Object

         Single Sign-on Delegator

     in security provisioning patterns

     in trust model

     in use cases

     in Web services

RMI socket factories

     client

     server

RMI/IIOP-based clients

ROI study

Roles

     Business tier 2nd

     Container Managed Security pattern

     identity management

     J2EE 2nd

ROM in smart cards

Root certificates

Root nodes in attack trees

Rotate ciphers

Routers. [See Secure Message Router pattern]

RPC style web services

RSA BSAFE Secure-WS toolkit

RSA cipher

RSA-SHA1 algorithm

Rule Engine

Rule-based service integration and invocation

Rules

     EPAL

     in policy design

     XACML

run method

Run-as identity
